Organizations Warned of Exploited Linux Kernel Vulnerability
An improper authentication bug allows attackers to escalate their privileges and escape containers. The post Organizations Warned of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.
The US cybersecurity agency CISA on Tuesday warned of in-the-wild exploitation of a Linux kernel vulnerability that leads to container escapes.
Tracked as CVE-2022-0492 (CVSS score of 7.8), the issue is described as an improper authentication vulnerability that could allow attackers to elevate their privileges and bypass the namespace isolation.
The security defect was found in cgroups, the Linux kernel’s control groups feature that specifies which OS resources a group of processes can use. While there are two control group versions, only cgroups v1 is affected.
Source: https://www.securityweek.com/organizations-warned-of-exploited-linux-kernel-vulnerability/
Related breach coverage
- PoC Released for DirtyDecrypt Linux Kernel Vulnerability2026-05-19
Patched in April, the underlying vulnerability allows local attackers to elevate their privileges to root. The post PoC Released for DirtyDecrypt Linux Kernel Vulnerability appeared first on SecurityWeek.
- 19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access2026-06-01
Proof-of-concept (PoC) exploit code has been released for the CIFSwitch flaw, which allows low-privileged users to escalate to root on vulnerable Linux systems. The post 19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access appeared first on SecurityWeek.
- WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites2026-06-01
The security defect (CVE-2026-8732) allows unauthenticated attackers to create administrative accounts on the affected installations. The post WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites appeared first on SecurityWeek.
- Cisco Patches Critical Vulnerability in Secure Workload2026-05-21
Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges. The post Cisco Patches Critical Vulnerability in Secure Workload appeared first on SecurityWeek.